Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26

Thread: What would you do ?

  1. #11
    Senior Member Cemetric's Avatar
    Join Date
    Oct 2002
    Posts
    491
    Basically you want to Social Engineer your client.
    Now that's maybe not a bad idea ... but now I have to convince my boss of this , that's something else ... anyway I'll make a nice report of the things I'll want to do and the steps I'm gonna take... with some fancy numbers in it ...this might help

    But definetly worth investigating this Lunch thingy

    Thanks,

    C.
    Back when I was a boy, we carved our own IC's out of wood.

  2. #12
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    Something just doesn't sit well with me about this whole senerio. Why wouldn't you be able to talk to the client? Why aren't you given the info you need to do your job? Why aren't you allowed to seek this info? A client isn't a client unless they're willing and able to give you what you need. This is like if I told you there was a pot of gold burried somewhere in the US and I want you to find it. Happy treasure hunting.

    Really though, you need to talk to the client and find out why he has this feeling so you will know where to start. I personally would leave out the IT staff due to the fact that, if its an inside hack they have the most access and ability in this regard. In my experience though, people use "I've been hacked" to explain anything that might go wrong with a computer. It's possibly he received a pop-up from a website that says, "You've been hacked! Download our software to protect yourself".

  3. #13
    Dead Man Walking
    Join Date
    Jan 2003
    Posts
    810
    Sounds to me like maybe your boss wants you to tell him what to do so he can take credit for it.

  4. #14
    Senior Member Cemetric's Avatar
    Join Date
    Oct 2002
    Posts
    491
    All is well ...finally

    I persuaded my Boss to have a face to face meeting with the client ..it took some fancy numbers and different colors though

    Seems as this is a "personal" friend of my boss (fancy that, not realy a new client then) and he didn't want this to be taken lightly (as if) ... but now that he saw my plan he was all open about it (Jeezz).

    So what is the problem ... the client has a new laptop (With Windows XP) and it needs to be updated and checked ... but he doesn't trust the local IT-staff anymore because he thinks they leave some "port" (his words) open on his laptop and use it to get sensitive info.(Why not get them fired then ??..probably wants more evidence ??)

    But anyway the story short is , I need to do a security audit (why not tell me this immediately then) and report back to the client directly , not pass by the IT-staff...So all your tips will come in handy... now where's that Knoppix disk.

    All the hush-hush for this... go figure ... but that's what you get with "personal" friends I guess!

    Anyway thanks guys for giving me some advice ...It made writing the report a bit easier.

    C.
    Back when I was a boy, we carved our own IC's out of wood.

  5. #15
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Cemetric

    Please take a little advice from someone who has "been there and done that" so to speak. You are obviously talking about a professional relationship with a major new potential client?

    1. Do not use the free versions of commercial software. They are for private use only. If you do this you will only create the impression that you are unprofessional and untrustworthy. Go for the 30 day evaluations instead

    2. Do not try to do anything on the cheap. It is results that count not price.............you are your company's ambassador, and first impressions are important. If you act the cheapskate, they will expect your fees to be the same

    3. Let the client do the talking, listen and evaluate. When they have finished you can ask your questions. Make sure that they indicate that you have listened to and understood what the client has said.

    4. Keep important meetings offsite and away from the client's premises. Preferably during working time (not lunch breaks) when the "ears that hear and eyes that see" are otherwise occupied.

    5. Make sure that you have a good cover story to explain why you are there. Otherwise you will be spotted immediately and they will cover their tracks and hide. I don't know the Belgian scene these days but perhaps some "data protection/security statutory compliance audit"............."TVA recording compliance audit"......

    I base this advice on the time I spent as an auditor, and the brief was to catch thieves (fraudsters)

    Good luck

  6. #16
    Senior Member Cemetric's Avatar
    Join Date
    Oct 2002
    Posts
    491
    Mmm very good advice nihil,

    I'll keep it in mind ... as I got time to prepare myself ...the first meeting is set for the 13th of may ..so it seems it's not that urgent anymore ... this case is getting weirder by the minute.

    But you make a valid point in your point 1 , I didn't think about it like that.
    So it gives me a bit more time to prepare and search some tools with that 30 days eval.

    About the cheapskate ... I think he alleady gets a "nice" price ..but that , as you mention, doesn't mean I have to "act" the cheapskate so valid point yet again.

    As for the other points ... all good advice and will try to use it

    Many thanks,

    C.
    Back when I was a boy, we carved our own IC's out of wood.

  7. #17
    Junior Member
    Join Date
    Oct 2002
    Posts
    20

    Talking

    In windows 2000 and XP (not sure about NT) if you go the the Computer Management part of the control panel it will show you Current share connections, including user name, computer name and a few other tid bits of information, I haven't done much security work for large companies but I know home computer users like to see that MS Windows is doing something about their security, even though we know it's not doing a good enough job!

  8. #18
    Senior Member
    Join Date
    Mar 2005
    Posts
    400

    Exclamation

    Among others, IknowNot and Nihil gave some good advice. I agree.
    ZT3000
    Beta tester of "0"s and "1"s"

  9. #19
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Originally posted here by Cemetric
    but he doesn't trust the local IT-staff anymore because he thinks they leave some "port" (his words) open on his laptop and use it to get sensitive info
    Just to add to Nihils advice. The big Guy thinks he's being hacked? some "port"? He doesn't trust the IT Staff. Remember the IT staff doesn't need to Hack the laptop. When it's connected to the network, Some If not all (Depending on the size of the company) will have admin rights, know the local admin account, etc.

    I've ran into a situation where a programmer for HR software was giving out individual pay amounts to fellow employees. The programmer had access to the data to do her job, but abused the privilege.

    So here's my additional advice. Keep quiet during the investigation. Compile the data and let the Boss ask the questions. Don't offer any advice unless asked.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  10. #20
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    Originally posted here by dinowuff
    So here's my additional advice. Keep quiet during the investigation. Compile the data and let the Boss ask the questions. Don't offer any advice unless asked.
    I disagree. I think being the expert in the field you are obligated to give advice. I agree that you might want to be selective on the advice you give, but by all means tell the boss what he needs to know. In most cases the boss doesn't know what questions to ask, so waiting for him to ask them isn't going to get anything accomplished. If its a case of misguided mistrust, educate him.

    Edit: After re-reading your statement, are you talking about the tech boss, or the client boss?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •